<?PHP
	//written by Slyferz
	//getting the wanted login information
	$pass1 = $_POST['pass'];
	$uname1 = $_POST['uname'];
	$pass = sha1($pass1);
	$uname = addslashes($uname1);
//displaying the form to apply for acess
function forms()
{
	echo("
		<form name='register' action='index2.php?page=register' method='post'>
		<table class = 'middle'>
		<tr><td>Desired Username:
		<input type='text' name='uname' maxlength = '24' size = '10' /></td></tr>
		<tr><td>Desired Password:
		<input type='password' name='pass' maxlength = '24' size = '10' /></td></tr>
		</table>
		<table class = 'middle'>
		<!-- pass a session id to the query string of the script to prevent ie caching -->
		<tr><td><img src='securimage/securimage_show.php?sid=<?php echo(md5(uniqid(time()))); ?>'></td></tr>
		<tr><td><input type='text' name='code' /></td></tr>
		<tr><td><input type='submit' value='Register' /></td></tr>
		</table>
		</form>");
}
//if information was submitted into the form
if(empty($uname1))
{
forms();
}
else
{
	//getting the captcha
	include("securimage/securimage.php");
	$img = new Securimage();
	$valid = $img->check(strtoupper($_POST['code']));

	//making sure the username doesnt already exist	
	$result = mysql_query("SELECT name FROM userinfo WHERE name = '".$uname."'");
	$row = mysql_fetch_array($result);
	if(!empty($row[0]))
	{
		echo("<p>Usename Already Exist</p>");
		forms();
	}
	//checking the captcha
	else if($valid != true)
	{
		echo("Invalid Login");
		forms();
	}
	//else registering the username and password connected to it
	else
	{
		$result = mysql_query("SELECT MAX(userid) FROM userinfo");
		$row = mysql_fetch_array($result);
		$uid = $row[0] + 1;
//		mysql_query("INSERT INTO pax VALUES (,".$uid.")");
		mysql_query("INSERT INTO userinfo VALUES (".$uid.",'".$pass."','lemming','".$uname."','','','-1','-1','-1','-1','-1')");
		echo("User ".$uname." successfully registered");
//		mysql_query("DELETE FROM permission WHERE perm = ".$perm);
	}
}
?>
